Date: Wed, 29 May 2002 08:42:27 -0700 From: Luigi Rizzo <rizzo@icir.org> To: "Albuquerque, Marcelo M" <marcelo.m.albuquerque@boeing.com> Cc: "'freebsd-net@freeBSD.ORG'" <freebsd-net@FreeBSD.ORG> Subject: Re: Does "xmit" work with ipfw dummynet? Message-ID: <20020529084227.A21332@iguana.icir.org> In-Reply-To: <F10E013C394AD411A2F10008C75DF4823D4387@xch-knt-01.nw.nos.boeing.com>; from marcelo.m.albuquerque@boeing.com on Wed, May 29, 2002 at 08:40:36AM -0700 References: <F10E013C394AD411A2F10008C75DF4823D4387@xch-knt-01.nw.nos.boeing.com>
next in thread | previous in thread | raw e-mail | index | archive | help
On Wed, May 29, 2002 at 08:40:36AM -0700, Albuquerque, Marcelo M wrote: > dummynet is not behaving as expected, and I'm wondering whether the command > is compatible with bridging mode (freebsd 4.5): xmit cannot match on bridged packets luigi > > Here is the setup: > > ___________________ > | | > 192.168.1.1 --- |FreeBSD 4.5 Bridge | --- 192.168.1.2 > |___________________| > | > | > 192.168.1.3 > > > This works: > ipfw add 100 deny ip from any to any in recv fxp0 > > This doesn't: > ipfw add 100 deny ip from any to any out xmit fxp1 > > What I really want, but fear is not supported, is: > ipfw add 100 deny ip from any to any out recv fxp0 xmit fxp1 > > That is, I want to block traffic coming in from fxp0 and going out > fxp1, in bridged mode. > > Anyone know if this is possible? > > > To Unsubscribe: send mail to majordomo@FreeBSD.org > with "unsubscribe freebsd-net" in the body of the message To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-net" in the body of the message
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?20020529084227.A21332>